Configure the Privilege Management MMC PMC snap-in

Setup Information is available for the MMC snap-in on the Access Settings page. On the dashboard page, click the Access Settings tile to view the details.

You need to install and configure the Privilege Management MMC on the machine you will use to administer PMC policy.

The installation packages differ based on your operating system:

  • For 32-bit (x86) systems run PrivilegeManagementPolicyEditor_x86.exe.
  • For 64-bit (x64) systems run PrivilegeManagementPolicyEditor_x64.exe.
For more information, please see the following:

Add and Configure the Privilege Management PMC Snap-in

You need to use the Privilege Management MMC PMC snap-in for the Microsoft Management Console (MMC) to manage policy for endpoints managed by PMC.

To load the Privilege Management PMC snap-in for the MMC:

  1. Run mmc.exe from the Start menu.
  2. Click File > Add/Remove Snap-in and select Privilege Management Settings (PMC). Click Add.
  3. Select the Privilege Management Settings (PMC) node and click PMC Connection under Settings.

Ensure you install the Privilege Management Settings (PMC) snap-in, rather than the Privilege Management Settings snap-in.

The next step is to configure the MMC to connect to PMC.

Setting What to Enter
Connection
Server URL This is the URL for PMC with 443 in the Port field.

This is shown on the Finish tab of the deployment wizard.

For example, https://<customerhost>-services.pm.beyondtrust.cloud.com, where customerhost is the instance hostname for your Privilege Management Console.

Tenant ID

This can be located at Administration > Access Settings in the PMC Portal.

Authorization Provider
URL

This is the URL for PMC with :443/oauth appended to it.

For example, https://customerhost-services.pm.beyondtrust.cloud.com, where customerhost is the instance hostname for your Privilege Management Console.

Identification
MMC Client ID

This needs to be the same GUID you generated and used in the PMC connection settings at Administration > Access Settings in the PMC portal.

Client Return URI Enter http://defendpoint-mmc.com. This string does not resolve but needs to be as stated.
Amend token resource ID

Check this box. This string needs to be https://api.ic3.avecto.com. This string does not resolve but needs to be as stated.

For more information, please see the following: